The federal prosecutors in the United States have charged Uber’s former chief security officer, Joe Sullivan, for covering up a massive data breach that the ride-hailing company suffered in 2016.
According to the press release published by the U.S. Department of Justice, Sullivan “took deliberate steps to conceal, deflect, and mislead the Federal Trade Commission about the breach” that also involved paying hackers $100,000 ransom to keep the incident secret.
“A criminal complaint was filed today in federal court charging Joseph Sullivan with obstruction of justice and misprision of a felony in connection with the attempted cover-up of the 2016 hack of Uber Technologies,” it says.
The 2016 Uber’s data breach exposed names, email addresses, phone numbers of 57 million Uber riders and drivers, and driver license numbers of around 600,000 drivers.
The company revealed this information to the public almost a year later in 2017, immediately after Sullivan left his job at Uber in November.
Later it was reported that two hackers, Brandon Charles Glover of Florida and Vasile Mereacre of Toronto, were behind the incident to whom Sullivan approved paying money in exchange for promises to delete data of customers they had stolen.
All this started when Sullivan, as a representative for Uber, in 2016 was responding to FTC inquiries regarding a previous data breach incident in 2014, and during the same time, Brandon and Vasile contacted him regarding the new data breach.
images from Hacker News